PETER CARLISLE t/a CARLISLE FINANCIAL SERVICES...2017/03/07 · Firms that Perform Audits and...

Quality Control Manual QCM1.5 17/03/2017 of 40

PETER CARLISLE t/a CARLISLE FINANCIAL SERVICES

QUALITY CONTROL MANUAL

SOLE PRACTITIONER WITH NON-PROFESSIONAL STAFF

Carlisle Financial Service Quality Control Manual

Doc Ref No: QCM-1.2

Title: Carlisle Financial Services Quality Control Manual Revision No: 05

Compiler: Henk Nieuwenhuis Date Compiled: 11/03/2017

Approver: Peter Carlisle Effective date: 17/03/2017


Peter Carlisle Sole Practitioner T/A Carlisle Financial Services Registered Auditor with The IRBA IRBA Registration number: 957410 21 Kroton Street, Roodepoort PO Box 6758, Weltevreden Park, 1715 Tel +27 11 781 2588 Fax +27 11 886 7639 Partner: Peter Carlisle (CA) SA, Registered Auditor All rights reserved. No part of this publication may be reproduced, adapted or transmitted, in any form or by any means, without the prior written permission of Peter Carlisle. Vision Statement. Mission Statement and Core Values Our Vision is to be the leading Audit firm in public practice in the Small and Medium enterprises Sector. Our Mission is to perform Audits that conform with our Quality policy and that conforms to the standards as set by IRBA and other related bodies. The audits are to be performed in the interest of the public at all times. Our values are quality of service, timely and appropriate client communication, and a collegial professional attitude within the firm which is backed by integrity, conscientiousness, and consultation. Further an adherence to all laws to which we and clients are subject to and a display of honest and independent attitude towards clients and their staff. I, Peter Carlisle the Sole Practitioner of Carlisle Financial Services, hereby approve this Quality Manual and confirm all the information supplied by us and all undertakings given by us in terms of this Manual. …………………………….. Peter Carlisle CA (SA), RA Dated: 27 February 2014 at 401 Main Avenue, Randburg


Table of Contents

General Policy Statement.............................................................................................................. 04

General Roles and Responsibilities of the Peter Carlisle and Staff................... 04

1. Leadership Responsibilities for Quality Within the Carlisle Financial Services....................... 06

1.1 Tone at the Top ............................................................................................ 06

1.2 Leadership Positions.................................................................................... 07

2. Relevant Ethical Requirements................................................................................................. 10

2.1 Independence............................................................................................. 10

2.1.1 Long Association on Audit Engagements for Public Interest Entities...... 11

2.1.2 Rotation of Personnel on Audit Engagements for Non-listed Entities...... 12

2.1.3 Fees that constitute a significant proportion of income………………….. 12

2.1.4 Confidentiality of and access to client information……………………….. 12

2.1.5 Anti-money laundering legislation and professional requirements……… 13

2.1.6 Reportable Irregularity requirements………………………………………. 15

2.1.7 Client monies / assets held…………………………………………………. 16

2.1.8 Conflict of interest and its resolution………………………………………. 16

2.1.9 Maintenance of prohibited investment lists……………………………….. 19

2.1.10 breaches and/or waivers of ethical requirements………………………. 19

2.1.11 Safeguards over the familiarity threat……………………………………. 19

2.1.12 Non brokerage of assurance and insurance products 20

3. Acceptance and Continuance of Client Relationships and Specific Engagements ....... 20

3.1 Acceptance and Continuance .................................................................... 20

3.2 Withdrawal from an Engagement or Client Relationship ........................... 21

3.3 Communication with Predecessor Auditor…………………………………. 23

4. Human Resources .................................................................................................................... 24

4.1 Recruitment and Retention ....................................................................... 24

4.2 Training and Continuing Professional Development (CPD) ....................... 29

4.3 Assignment of Engagement Teams ........................................................... 29

4.4 Enforcement of Quality Control Policies (Discipline) ................................ 30

4.5 Rewarding Compliance .............................................................................. 30

5. Engagement Performance ..................................................................................................... 30

5.1 Role of the Peter Carlisle Engagement Leader ........................................ 31

5.2 Consultation .............................................................................................. 32

5.3 Differences of Opinion............................................................................... 32

5.4 Engagement Quality Control Review (EQCR) .......................................... 33

5.4.1 Nature, Timing, and Extent of an Engagement Quality Control Review 34

5.4.2 Engagement Quality Control Reviewer (QCR)………………………….. 34

6. Monitoring ............................................................................................................................... 35

6.1 Monitoring Program .................................................................................... 35

6.2 Inspection Procedures .............................................................................. 35

6.3 Evaluating, Communicating, and Remedying Deficiencies ...................... 36

6.4 Report on the Results of Monitoring ......................................................... 36

6.4.1 Non-compliance…………………………………………………………….. 37

6.5 Complaints and Allegations....................................................................... 37

7. Documentation ........................................................................................................................ 37

7.1 Documentation of the Firm’s Policies and Procedures.............................. 37

7.2 Documentation of the Engagement .......................................................... 38

7.3 Documentation of the Engagement Quality Control Review .................... 38

7.4 File Access and Retention ........................................................................ 39

7.5 Complaints and Allegations....................................................................... 39


General Policy Statement

It is the Partners’ objective to establish, implement, maintain, monitor, and enforce a quality control system that

meets, as a minimum, the requirements of the International Standard on Quality Control (ISQC) 1, Quality Control for

Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services Engagements. The

quality control system is intended to provide the Partner with reasonable assurance that the firm and its personnel

comply with professional standards and applicable legal and regulatory requirements and that engagement reports

issued by the firm are appropriate in the circumstances. Quality control procedures must be properly

documented and communicated to the firm’s personnel.

These form an essential part of the ethos of ISQC1 and are dealt with in more detail in the sections that follow. A

form for demonstrating that each member of staff and each partner has read and understood the firms’

procedures (confirmation of understanding schedule- COU.FOR.1.1) is included in the forms in this Guide.

General Roles and Responsibilities of the Partner and Staff

Peter Carlisle (Sole Practitioner Trading as Carlisle Financial Services) exercises ultimate authority and bears responsibility for the system of quality control.

The overriding message of the Partner is a commitment to quality, and to encourage and promote staff who are equally

committed to this agenda.

The Partner and each staff member are, to varying degrees, responsible for implementing the firms’ quality control policies.

The Partner and staff are required to conform to the following guidelines:

• Treating ethical behavior and quality of service as the first priority; commercial considerations may not override the

quality of the work performed;

• Reading, understanding, and following the IRBA Code;

• Understanding the Partners’ and staff responsibilities to identify, disclose, and document threats to independence and

the process to be followed to address and manage identified threats;

• Avoiding circumstances where independence may be (or appear to be) impaired;

• Complying with continuing professional development requirements including maintenance of records as evidence

thereof;

• Remaining abreast of current developments in the profession, applicable financial reporting framework and assurance

standards (for example, IFRSs, ISAs), disclosure and accounting practices, quality control, firm standards, and relevant

industry and client-specific developments;

• Providing the Partner and staff with courteous assistance, when needed and requested, to help them learn through

shared knowledge and experience and improve the quality of client service;


• Keeping time records (regularly entered into Carlisle Financial Services’ time and billing systems) to track and identify

time spent on engagement and office activities (both chargeable and non-chargeable);

• Safeguarding and properly using and maintaining office and computer equipment (including network and

communication resources) and other shared assets. This includes using Carlisle Financial Services’ technological

resources only for appropriate business purposes, taking into consideration ethics, client confidentiality, and privacy;

• Keeping Carlisle Financial Services’ and client data, business and client information, and personal information secure

and confidential (Fill out form CIR.FOR.1.1);

• Ensuring that firm-generated electronic-based information on the client or firm is stored on the Carlisle Financial Services network according to appropriate information storage procedures;

• Informing The Partner of any observations of significant breaches in Carlisle Financial Services’ quality control, ethics

including independence, confidentiality, or inappropriate use of Carlisle Financial Services’ resources (including Web

and e-mail systems);

• Documenting and maintaining appropriate records of all significant client contacts when professional advice is given or

requested;

• Documenting and maintaining appropriate records of all significant consultations, discussions, analyses, resolutions,

and conclusions on independence threat to management, difficult or contentious issues, differences of opinion, and

conflicts of interest; and

• Following Carlisle Financial Services’ standard practices for work hours, attendance, administration, meeting deadlines,

and quality control.


1. Leadership Responsibilities for Quality Within Carlisle Financial Services

1.1 Tone at the Top The Partner decides on all key matters regarding the professional practice.

The Partner accepts responsibility for leading and promoting a culture of quality within the firm and for providing and

maintaining this manual and all other necessary practical aids and guidance to support engagement quality.

The Partner determines the operating and reporting structure. In addition, The Partner may designate qualified staff, on an

annual or other periodic basis, the person(s) responsible for recordkeeping or other administrative elements of the quality

control system; however, ultimate responsibility for these functions will rest with The Partner .

Any individuals who take on specific responsibilities and duties for the quality control system shall have sufficient and

appropriate experience and ability, and the necessary authority, to carry out their responsibilities.

Procedures :

Peter Carlisle (The sole Partner of Carlisle Financial Services) has made this manual available open to everyone working

at the firm.

• All members of staff are required to attend the annual training sessions on the quality manual, this training

is facilitated by the Partner or any other person whom is delegated to do so by the Partner, this training is

provided to ensure that all members of the staff have sufficient and the latest knowledge of the quality

control manual and ensures that each member has knowledge of what is required to support engagement

quality.

• he regularly reviews (no less than twice a year) the quality control manual and updates it when necessary.

• he keeps abreast of IRBA information releases and updates his knowledge and the manual.

• he regularly attends CPD courses and keeps his knowledge current.

• All staff members are provided immediate training (no less than 14 days after the effective date of any

update to the Quality control manual) on all updates to the quality control manual by the Partner or any

person whom is so qualified any appointed by the Partner to do so.

any person responsible for record keeping will be fully qualified (according to professional and industry

standards) and approved by the Partner. The Partner will sign an appointment letter for such a person after

considering their ability to carry out this function.

The Partner of Carlisle Financial Services will be responsible to ensure that the policies and the implementation thereof in

the procedures are implemented. Implementation will be done on a daily basis under the direct supervision of the Partner

by the execution of the Policies and Procedures set out in the Quality Control Manual. The Policies and Procedures in the

Quality Control Manual will be communicated to all personnel by the provision of copies of this manual and by training all

personnel in the duties which they have to execute to follow the procedures set out in this manual. It is the specific duty of

the Partner to ensure that up to date copies of all required Manuals are at all times available to all Members of Personnel

who may require same to do their work. All personnel will from time to be required to complete tests or proficiency

demonstrations to ascertain their level of understanding of the Policies and Procedures of the firm. These will be scheduled

at the discretion of the Partner but will be done at least annually. Personnel will be informed when Policies or Procedures in

the Quality Control Manual are amended or changed and will at all times have access a complete and up to date set of

Quality Control Manual.


1.2 Leadership Positions

Throughout this quality control manual, reference is made to various leadership functions within the firm. The Partner

serves several roles. However, the role of HR may be served by appropriately qualified staff and the QCR will be a suitably

qualified external person. These roles are defined as follows:

The Partner . Owner and manager of the firm

QCR (Quality Control Reviewer). Any professional performing the function of engagement quality control review

HR (Human Resources). Personnel responsible for all human resource functions including recordkeeping with respect to

professional duties such as membership fees and continuing professional development

Development and implementation of policies relating to operation of the Firm: The Quality control policy document was developed in accordance with the guidelines of the SAICA guideline as issued in

2011 applicable to Small and Medium Sized Practices, specifically guidance issued to Sole Practitioners. The quality

control manual is continually updated in line with changes in the various codes and aids. The Partner provides direction

and counsel to the formal governance of the Firm. Policy decisions and changes relating to the operation of the Firm are

developed by the Partner and approved by the Partner and is the end responsibility of the Partner. The Partner may from

time to time delegate certain specific tasks relating to Policy decisions and changes relating to operation of the Firm to

specific qualified personnel. The Partner of the firm will however retain responsibility for all actions by their delegates in

terms of such delegation.

A) Documentation � Documents relating to the Quality control manual are created and amended electronically by the Partner;

� The Partner causes a regular review of all the documents in the system to ensure that it’s the most current and

applicability, this review is to be done on a six monthly basis;

� The Partner approves and "signs off" an electronic copy of each new document or amendment to the Quality control

manual, which is then uploaded onto the related party’s website (www.ctfsa.com). The Partner takes full responsibility

for the uploading of the latest Quality manual. All staff of Carlisle Financial Services will be notified (no later than 14

days) by the Partner of all amendments made to the Quality Manual. The Partner has sole access to the admin section

of www.ctfsa.com website enabling any uploading and deletion of the Quality manual. Documents are maintained in

computerized systems and are made and controlled in such a manner that it is ensured that electronic versions of the

documents relating to Quality control manual are secure and also stored on a removable disc which is kept in a safe

location.

� The Partner of the firm is the only person who have full access to the Quality control manual (He has full access to

make changes, delete and replace).

� All other employees have only read and copy access to the documents and they do not have the authority to effect any

amendments or upload new documents. Any staff member requiring full access to the Quality control manual, other

than the Partner will obtain prior authorization (written or verbal) from the Partner;

� The Quality control manual document has a footer to facilitate tracking, authentication, retrieving and archiving. The

footer includes at least the date, document number and number of pages; and

� An automatic daily encrypted back-up of all files is made. A monthly encrypted back-up is made to several hard disks

then removable disk kept off site, additionally the IT service provider of the firm makes weekly back-ups of all the data


onto a removable disc. Once all the back-ups have been done, the Partner (no later than 14 days after an audit report

has been signed off) removes all copies of the local server, this data is stored off site. The partner performs this duty

to ensure that no data is corrupted, hacked or mistakenly or deliberately altered once an audit is signed off.

B) Implementation The management of the day-to-day affairs of Carlisle Financial Services is delegated by the Partner to the audit

manager/(s), who will be responsible to ensure that the policies and the implementation thereof in the procedures are

implemented. Implementation will be done on a daily basis under the direct supervision of the Partner by the execution

of the Policies and Procedures set out in the Quality Control Manual. The Policies and Procedures will be

electronically communicated to all personnel by the provision of electronic copies of the Quality Control Manual and by

training all personnel in the duties which they have to execute to follow the procedures set out in the Quality Control

Manual. It is the specific duty of the Partner to ensure that up to date copies of all required Quality Control Manuals

are at all times available to all Members of Personnel who may require them to do their work. The Latest Quality

Control Manual is uploaded onto www.ctfsa.com website. The Partner sends emails to all personnel of the firm

notifying them of any changes made to the Quality Control Manual (these email are sent to the personnel no later than

14 days after the amendments have been effected). The Partner ensures to highlight any changes made to the

manual in the email sent, thus ensuring that all personnel have knowledge of all the amendments. All staff are required

to read all the amendments and contact the Partner (within 14 days after the email was sent to them by the Partner)

should they have any queries regarding the amendments and the implementation of such amendments

Internal audits on the control manual quality Carlisle Financial Services’ audit policy for annual internal review is aimed at ensuring that all aspects of quality control of

its operations are carried out according to the documented system.

The internal audit aims to:

Identify non-conformances or deviation between how actual quality audits are performed; Check that Carlisle Financial

Services’ management system as documented is effective and efficient; identify what corrective actions should be

implemented for any non-conformances identified. The Internal Audit is an on-going process scheduled over a twelve-

month cycle; One of the following activities will be audited each quarter: the audit engagement process, document control,

structural requirements and management system; Where non-conformances are identified, corrective actions are

implemented; A follow-up audit is scheduled to monitor that compliance is being sustained. Any non-conformances

identified are subjected to in-depth/root cause analysis to identify the cause of the problem; Once a root cause analysis

has been conducted and a cause identified, the necessary corrective action is determined depending on whether a non-

conformance was the result of personnel not following procedure or whether the procedure needs to be amended. If the

cause is personnel not following procedure, further training is done without delay. If the cause is procedural, immediate

steps are taken to address the problem; Corrective action is implemented within a reasonable timeline and according to the

documented procedures; A follow-up audit is scheduled to ensure that adherence to procedures is being implemented,

maintained and is effective; and If during the audit, it becomes apparent that the outcome of any audit has been affected by

a non-conformance, the Client and IRBA must be informed and the situation rectified immediately. On the basis of the Audit

findings and the Internal Audit Report, the relevant Audit manager/(s), under the supervision of the Partner, will review all

amendments that need to be made to this Manual, Procedures, and Documentation to implement the corrective action; All

personnel are sent a Memorandum informing them about the changes and they are supplied with updated copies of all

documentation. The obsolete copies of documentation are collected and destroyed( no only electronic copy) ; Where the

corrective action involves staff training, this is scheduled and staff are advised; and A follow-up audit is scheduled in three

months’ time to monitor that the corrected procedure is being followed.

When conformances are identified:


� The Partner and Staff interprets the internal culture as one that rewards quality performance and work. This has been

made clear to all staff through all means of communication,(training ,e mail, verbal and review of files amongst other)

Also it is included in the mission statement and firm goals, Internal and external training, dialogue with the staff goes to

reinforce this behaviour. Conformance is encouraged by using the following:

� ethical behavior and quality of service is first priority understanding, and following the IESBA Code

� identify, disclose, and document threats to independence

� Avoiding circumstances where independence may be (or appear to be) impaired

� Compliance to regular CPD learning through shared knowledge and experience

� Reinforcing confidentiality

� Informing a partner or manager of any observations of significant breaches in firm quality control

When Non-conformances are identified:

� Any non-conformances identified are subjected to in-depth/root cause analysis to identify the cause of the problem;

� Once a root cause analysis has been conducted and a cause identified, the necessary corrective action is determined

depending on whether a non-conformance was the result of personnel not following procedure or whether the procedure

needs to be amended. If the cause is personnel not following procedure, further training is done without delay. If the

cause is procedural, immediate steps are taken to address the problem;

Corrective Action:

� When a non-conformance has been identified and the necessary corrective action determined, the Partner, in

collaboration with the senior audit manager/(s) personnel, meet to discuss implementation of the corrective action; The

corrective action is applied;

� The Partner may appoint a suitable person to prepare the Internal Audit Report.

� The Person appointed to perform the internal audit will be required to perform the following amongst other duties:

1. Attend all meetings where the Policies and manual are communicated to the personnel

2. Be included in all electronic communications to all staff concerning any amendments to the policies

3. The person will be responsible for checking that all policies are followed by the personnel

4. Will prepare the internal audit reports that are communicated to the Partner within 14 days after the

internal audit has been completed.

� On the basis of the Audit findings and the Internal Audit Report the relevant Audit manager/(s), under the supervision of

the Partner, will review all amendments that need to be made to this Manual, Procedures, and Documentation to

implement the corrective action;

� All personnel are sent a Memorandum in electronic format (such as an email) informing them about the changes and

they are supplied with updated copies of all documentation. As the manual is kept in electronic format (With the Partner

being the only person with sole access to the manual), All new manuals will replace all the old manuals and such there

will never be at any time, any obsolete manual stored on the server.

� Where the corrective action involves staff training, this is scheduled and staff are advised; and

� An on-going follow-up internal audit is performed to monitor that the corrected procedure is being followed.


Updates to the quality control manual The quality control manual is continually updated as and when there are either changes to the various codes and

guidelines as well as when any staff member brings it to the partners attention and changes are required. The quality

control manual is not a static document and continually evolves over time.

2. Relevant Ethical Requirements

Carlisle Financial Services and their personnel shall comply with relevant ethical requirements including, as a minimum,

those set out in the International Ethics Standards Board for Accountants’ Code of Ethics for Professional Accountants

(IESBA Code) and any additional local regulatory requirements.

The Partner recognizes the value of ethical leadership and accepts responsibility to provide it.

The Partner has an expectation that all staff maintain current knowledge of the provisions contained within the IESBA

Code. This will require all staff to assume personal responsibility for the periodic review of the contents of the IESBA Code.

The partner expects all staff to maintain current knowledge of the provisions contained within the IESBA Code. This will

require all staff to assume personal responsibility for the periodic review of the contents of the IESBA Code. Further the

firm encourages the following from all staff and partners.

• All threats pertaining ethical behaviour are to be reported to the partner immediately along with all

associated facts.

• Staff are regularly asked their approach to ethical dilemma's

• Staff are provided training and shown SAICA videos relating to ethical issues encountered in the market

place

2.1 Independence Independence and Objectivity are necessary preconditions for the provision of creditable assurance services by the firm. Threats to independence fall into one of the following categories: Self-interest - (the threat that financial or other interest will inappropriately influence the professional accountant’s judgment or behaviour;) Self-review - (the threat that a professional accountant will not appropriately evaluate the results of a previous judgment made or service performed by the professional accountant, or by another individual within the professional accountant’s firm or employing organization, on which the accountant will rely when forming a judgment as part of providing a current service) Advocacy - (the threat that a professional accountant will promote a client’s or employer’s position to the point that the professional accountant’s objectivity is compromised, Familiarity - (the threat that due to a long or close relationship with a client or employer, a professional accountant will be too sympathetic to their interests or too accepting of their work) and Intimidation - (the threat that a professional accountant will be deterred from acting objectively because of actual or perceived pressures, including attempts to exercise undue influence over the professional accountant). If a threat to independence cannot be eliminated or reduced to an acceptable level by applying appropriate safeguards, the firm shall eliminate the activity, interest, or relationship that is creating the threat, or refuse to accept or continue the engagement. Consequently the circumstances or relationship creating the threat must be avoided. The Partner takes ultimate responsibility for the appropriate resolution of independence threats.

The Partner and all staff must be independent both of mind and in appearance of their assurance clients and engagements.

Independence shall be maintained throughout the engagement period for all assurance engagements, as set forth in and

by:


• The IESBA Code, specifically Section 290 and Section 291;

• ISQC 1; and

• Any additional local requirements.

If threats to independence cannot be eliminated or reduced to an acceptable level by applying appropriate safeguards, The

Partner shall eliminate the activity, interest, or relationship that is creating the threat, or refuse to accept or continue the

engagement.

The Partner is responsible for, and must ensure, an appropriate resolution to independence threats.

The Partner and staff are required to review their specific circumstances for any independence threats. The Partner is to be

informed if such threats are identified by staff.

The Partner must document the details of identified threats, including relationships or circumstances involving a client, and

the safeguards that were applied.

All staff are required to provide the Partner annually with written confirmation that they understand and have complied with

Section 290 and Section 291 of the IESBA Code and Carlisle Financial Services’ independence policies.

Staff assigned to an assurance engagement shall confirm to the Partner that they are independent of the client and

engagement, or notify the Partner of any threats to independence so that appropriate safeguards can be applied.

Staff must notify The Partner if, to their knowledge, they or any other staff member have, during the disclosure period,

provided any service that would be prohibited under Section 290 and Section 291 of the IESBA Code or other local

requirement, which could result in The Partner being unable to complete an assurance engagement. The Partner shall take

whatever reasonable actions are necessary and possible to eliminate or reduce any independence threat to an acceptable

level. These actions may include:

• Replacing a member of the engagement team;

• Ceasing or altering specific types of work or services performed in an engagement;

• Divesting of a financial or ownership interest;

• Ceasing or changing the nature of personal or business relationships with clients;

• Submitting work for additional review to an external professional accountant or other staff member; and

• Taking any other reasonable actions that are appropriate in the circumstances.

2.1.1 Long Association on Audit Engagements for Public Interest Entities

The Partner and staff must follow Section 290 of the IESBA Code, and any additional local requirements, regarding

mandatory rotation on all audit engagements for public interest entities.

Some degree of flexibility may be permitted in rare cases due to unforeseen circumstances outside of the firm’s control and

where the individual’s continuity on the audit engagement is especially important to audit quality. In these cases, equivalent

safeguards will be applied to reduce any threats to an acceptable level. Such safeguards, at a minimum, will include an

additional review of the work performed by a professional who has not been associated with the audit team, most likely a

suitably qualified external person. The circumstances under which rotation would not be recommended or required should

be compelling.

Otherwise, for The Partner, rotation may not be an available safeguard. In accordance with the IESBA Code (paragraph

290.155), if an independent regulator in the relevant jurisdiction has provided an exemption from partner rotation in such

circumstances, an individual may remain a key audit partner for more than seven years, in accordance with such regulation,

provided that the independent regulator has specified alternative safeguards which are applied, such as a regular

independent external review.


2.1.2 Rotation of Personnel on Audit Engagements for Non-listed Entities

As a policy, the Firm does not accept any Public Interest Entities (PIE) which maybe non-listed entities. As the firm is a sole

practitioner, Partner rotation may not be possible. However the personnel of the firm may not be engaged with any client

for any period that exceeds 5 (FIVE) years. The Partner ensures when selecting an engagement team, no audit personnel

has been part of the engagement team for longer than 5(FIVE) years

2.1.3 Fees that constitute a significant proportion of income The firm will always ensure that no single client will constitute more than 10 % of the total revenue of the firm. Any existing or potential client whose income is expected to exceed 5 % of the total income will be considered as significant. Should a single client fees exceed 10 % then we should suspend certain services and reduce the threat to independence. Significant clients are to be reviewed and independence continually re considered.

• Fees from existing clients are to be annually reviewed. • All clients with fees exceeding 10% and significant clients are to be identified. • These clients are then to be classified into those for whom assurance services are performed and those

there are no assurance services provided. • Significant clients assurance services are to be evaluated and the risks to independence considered. • Where necessary Independent Quality Consultants are to be requested to review the audit files to ensure

that proper audit procedures were carried out. • The Independent Quality Consultants reports should be studied and recommendations to be followed.

2.1.4 Confidentiality of and access to client information The firm is required to fulfill its legal, professional, and fiduciary duties regarding privacy legislation and Section 140 of the IESBA Code. All partners and staff must protect and keep confidential any client information that is required to be kept confidential and protected according to the laws of South Africa, Section 140 of the IESBA Code and specific client instructions or agreements. Client information and any personal information obtained during an engagement should be used or disclosed only for the purpose for which it was collected. No information – written, verbal or in any way is to be disseminated to any third party with-out the clients express written permission. The only relaxation would be in the event of a valid court order compelling the firm to disseminate such information to a third party. No access to the firms server or network will be granted to external computers however in the event that the need arises to allow a third party to gain access to the network all such computers who wish to gain access to our file server must first be sent to our IT consultants to ensure that they are free from any viruses, any type of spyware or any malicious software.

• Carlisle Financial Services and its staff, Partners and outsourced staff will; Preserve the confidentiality of

confidential information communicated to them. Unless having received the written permission from the entity,

refrain from disclosing confidential information in press releases, through research conferences, conversations

with investors, entities and any other persons.

� All Carlisle Financial Services staff, partners and outsourced staff will sign the confidentiality form

� Carlisle Financial Services will use confidential information only for the purpose related to its auditing

activities.

� Carlisle Financial Services’ staff will take all reasonable measures to protect all property and records

belonging to or in possession of Carlisle Financial Services from fraud, theft or misuse.

� Carlisle Financial Services requires all staff members to adhere to SAICA’s code of conduct. As Carlisle

Financial Services limits all its assurance engagements to non-listed, non-public interest entities, no insider

information relating to listed shares will be obtained by any personnel while executing their duties for Carlisle

financial services.


� Carlisle Financial Services staff will not disclose any non-public information about opinions of Carlisle

Financial Services, except to the audit client or its designated agents.

� Carlisle Financial Services staff will not share confidential information entrusted to Carlisle Financial Services

with staff of any affiliated entities except to the extent such staff are acting as agents of Carlisle Financial

Services with respect to the auditing process, and are bound by appropriate confidentiality obligations. Carlisle

Financial Services with respect to the auditing process, and are bound by appropriate confidentiality

obligations. Carlisle Financial Services staff will not share confidential information within Carlisle Financial

Services except on a ‘reason to know’ basis.

� Carlisle Financial Services will ensure that equipment and facilities be maintained to ensure secure handling

of confidential information.

� All documentation obtained or created relating to any audit is and will be treated as privileged, and confidential

and is stored in locked filing cabinets in a dedicated office;

� All personnel and audit managers requiring access to the documentation and information will follow the

directions set in place by the Partner from time to time;

� No confidential information will be disclosed without the written consent from the party concerned

� Disclosure to third parties; Except as required by law or IRBA, information about a particular client or

individual may not be disclosed to a third party without the written consent of the client/ individual concerned.

All disclosure to third parties must be authorised by the Partner of Carlisle Financial Services. No request of

confidential and other information should be dealt with by any personnel, staff member. Such requests must

be referred to the Partner. All disclosures will be recorded in writing and kept on record in terms of the Carlisle

Financial Services record system.

� The Partner of the firm will ensure that all client related information (including but not limited to, working

papers, financial statements, opinion and directors reports) are removed from the local server no later than 14

days after an assurance engagement is completed. The information is saved on an external server without

delay. The external server is prohibited from having any internet access on it, thus ensuring that no

unauthorized persons get access to this information

2.1.5 Anti-money laundering legislation and professional requirements;

Carlisle Financial Services (the “Firm”) Anit-Money Laundering (AML) Policy establishes the standards of AML compliance and is applicable to all activities of the firm.

Definition of Money Laundering (ML) ML is the process by which criminals attempt to disguise the true origin of the proceeds of their criminal activities by the use of the financial system so that after a series of transactions, the money, its ownership and the income earned from it appear to be legitimate. ML is the processing of criminal proceeds in order to disguise their illegal origin. This process is often achieved by converting the original illegally obtained proceeds from their original form, usually cash, into other forms such as deposits or securities and by transferring them from one financial institution to another using the account of apparently different persons or businesses.

Money Laundering Risks


Carlisle Financial Services is aware that it is exposed to several risks if an appropriate AML framework is not established:

• Reputation Risk- Risk of loss due to severe impact on Firm’s reputation. This may be of particular concern given the nature of the Firm’s business, which requires maintaining the confidence of depositors, creditors and the general marketplace.

• Compliance Risk- Risk of loss due to failure of compliance with key

• Regulations governing the Firm’s operations.

• Operations Risk- Risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.

• Legal Risk- Risk of loss due to any of the above risk or combination thereof resulting into the failure to comply with Law and having a negative legal impact on the Firm. The specific types of negative legal impacts could arise by way of fines, confiscation of illegal proceeds, criminal liability etc.

• Financial Risk- Risk of loss due to any of the above risks or combination thereof resulting into the negative financial impact on the Firm Policy

AML Standards The Firm would adopt a risk-based approach in implementing its AML framework. The AML standards of the Firm would be primarily based on Know Your Customer (KYC). All suspicious transactions shall include large as well as cash transactions above a threshold limit as per applicable regulations and shall be monitored and reported. A) Risk-based approach in implementing AML framework In order to ensure efficient implementation of the AML framework by the Firm, it is necessary to establish a risk-based process on the basis of which Firm shall evolve detailed AML procedures specific to their activity. It is recognized that a higher level of due diligence and monitoring would be specified for business areas prone to higher ML risks. Accordingly, individuals and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile may be categorized as low risk (ex: customers with well defined salary structures). Further, customers that are like to pose a higher than average risk to the Firm may be categorized as medium or high risk depending on factors such as customer’s backgrounds, nature and location of activity etc B) Know Your Customer (KYC) The Firm is aware that availability of sufficient customer information underpins all other AML procedures and should be seen as a critical element in the effective management of ML risks. The Firm has evolved a Client Acceptance Policy (Which forms part of the pre-engagement activities performed by Peter Carlisle) which lays down the criteria for the acceptance of clients. The KYC procedures would be based on the following principles in addition to the various aspects outlined in the Client Acceptance Policy: In dealing with customers across various geographies, product lines (including those utilizing new technologies) and business segments, the Firm is aware that the ML risks may vary. Therefore the AML Policy requires adoption of a risk-based KYC procedure to be evolved separately for various business segments in line with the international best practices. The Firm shall ensure that there is in place a process of customer identification and verification depending on the nature/status of the customer and kind of transactions that are contemplated to take place. Appropriate customer identification and verification procedures (basic/ enhanced due diligence as highlighted in the Client Acceptance Policy) shall be conducted by Peter Carlisle at different stages i.e. while establishing a Firm’s relationship, carrying out a financial transaction or when the Firm has doubt about the authenticity/veracity or the adequacy of the previously obtained customer identification data. Peter Carlisle shall ensure that a business relationship is commenced only after establishing and verifying the identity of the customer and understanding the nature of the business the customer expects to conduct. The risk based KYC procedures adopted by the Firm shall be applicable to all the new customer relationships. The KYC procedures shall become applicable to existing customers only if the risk profile of the customer or customer segment changes to a higher risk category or based on materiality or pursuant to any applicable regulatory guidelines or when there is an unusual pattern in the operation of account. This shall be done by way of enhanced due diligence. The Firm shall obtain information from correspondent Firm’s as regards their compliance with an acceptable AML program in order to proceed with offering its services to the customers of the correspondent Firm4.


AML Procedures

A)Formulation of AML Procedures Peter Carlisle shall formulate business specific AML procedures which include systems for due diligence for identification of risks, compliance with applicable laws etc. The detailed AML procedures would cover the following areas: Customer risk rating: Segments of customers shall be rated based on their perceived ML risks. Risk based KYC procedures: The KYC procedures shall be based on perceived product and customer segment risk and cover the complete spectrum of activities during customer acquisition such as identification procedures and verification of documents. Reporting structure: The structure for reporting unusual and suspicious transactions and ML activities shall be laid down. Internal controls: Internal control processes for appropriate escalation procedures and periodic audits shall be laid down.

B) Role of employees The role of employees in implementing any AML framework being critical, employees would be expected to carry out the stipulated procedures efficiently. Any inefficient or suspicious behavior of employees shall be dealt with suitably. The employees shall maintain strict confidentiality in regard to KYC

2.1.6 Reportable Irregularity requirements;

All engagement staff must apply the necessary degree of care and attention in order to be aware of conditions or events that may give rise to possible reportable irregularities while performing audit engagements. All engagement staff must have sufficient knowledge and understanding of the requirements of section 45 of the Auditing Professions Act. Engagement staff that lack knowledge or an understanding of reportable irregularities must be trained in terms of the firm's policy for training and continued professional development. Training may include scenario analysis and simulations of reportable irregularities in order to ensure a proactive approach to identifying events that may lead up to reportable irregularities. In the event that any engagement member comes across an actual or suspected reportable irregularity, that fact must be disclosed to Peter Carlisle immediately without delay. The communication of the reportable irregularity can be verbal and/or in written format as long as the details of the events leading to the reportable irregularity are conveyed legibly and clearly. Full details of the reportable irregularity and the events leading up to the irregularity must be disclosed by the engagement member that identified the reportable irregularity. This must be done in order to allow the engagement partner the ability to make a comprehensive assessment of the circumstances and events leading up to the reportable irregularity. Engagement staff that are found to have failed to act upon their responsibility of communicating reportable irregularities to Peter Carlisle will be disciplined in terms of the policies dealing with the enforcement of quality control as detailed in part 4.4 of Peter Carlisle's quality control manual.

Procedure

1.) Communicate all details of the events and circumstances surrounding the reportable irregularity to the engagement partner. - Communication of the details of the events and circumstances must be conveyed as soon as the

engagement member is aware of the event. - The communication must be in an appropriate format so that it can be accessible and understood by

the engagement partner. Communication regarding the identification of these events should preferably be done by means of electronic mail.

2.) The following process must be followed by the engagement partner and must be in compliance with the requirements of section 45 of the Auditing Professions Act: - Should the engagement partner be satisfied or have reason to believe that a reportable irregularity has taken

or is taking place, he must without delay, send a written report to the Independent Regulatory Board of Auditors.

- The report must give particulars of the reportable irregularity and must include such other information and particulars as the engagement partner considers appropriate.

- The registered auditor must within three days of sending the report to the Regulatory Board notify the members of the management board of the entity in writing of the sending of the report and the provisions of section 45 of the Auditing Profession Act.


* A copy of the report to the Regulatory Board must accompany the notice.

- The engagement partner must as soon as reasonably possible but no later than 30 days from the date on which the report was sent to the Regulatory Board –

a.) take all reasonable measures to discuss the report with the members of the management board of the

entity; b.) afford the members of the management board of the entity an opportunity to make representations in

respect of the report; and c.) send another report to the Regulatory Board, which report must include- - a statement that the engagement partner is of the opinion that

• no reportable irregularity has taken place or is taking place; or

• the suspected reportable irregularity is no longer taking place and that adequate steps have been taken for the prevention or recovery of any loss as a result thereof, if relevant; or

• the reportable irregularity is continuing; and - detailed particulars and information supporting the statement referred to above

3.) The engagement partner must consider all correspondence received from the Regulatory Board and must

ensure that confirmation of receipt of the report is received from the Regulatory Board

2.1.7 Client monies / assets held No Monies or any assets will be held by the firm on behalf of a client. No monies are to be paid into the firms account for payment to a third party. Should a client inadvertently pay money to the firm such money will be immediately returned to the client. The firm does not have a trust account and will never have a trust account in which client funds are to be held. Should circumstances arise that monies should be held by a third party then the parties will agree on a respectable attorney and approach the said attorney and make use of their trust account. Procedure

• Clients are to be informed of the firm policy when requested by any third party to hold funds or assets on their behalf.

• No funds or assets are to be accepted by the firm or any of its staff and held on behalf of any third party or client.

• The bank account is monitored on a daily basis and any un recognized deposits are identified and client contacted and funds returned immediately should it be necessary

• Any assets or monies that is delivered to the firm must be returned to the client immediately. 2.1.8 Conflict of interest and its resolution;

Partners or professional staff joining clients; Policy An audit firm’s independence is impaired with respect to an audit client that employs a former firm professional who could, by reason of his or her knowledge of and relationships with the audit firm, adversely influence the quality or effectiveness of the audit, the firm must undertake steps that effectively eliminate such risk. Procedures Pre-change in employment safeguards

• Firm professionals are required promptly to report to the firm conversations between themselves and an audit client respecting possible employment.

• Firm professionals engaged in negotiations respecting possible employment with an audit client are immediately removed from the audit engagement.

• Upon removal of a professional from the audit engagement as provided above, the firm reviews the professional’s work to assess whether he or she exercised appropriate skepticism while working on the audit engagement

Post-change in employment safeguards


• If a professional accepts employment with the audit client, the on-going engagement team gives active consideration to the appropriateness or necessity of modifying the audit plan to adjust for risk of circumvention.

• When a former firm professional joins an audit client and will have significant interaction with the audit team, the firm takes appropriate steps to provide that the existing audit team members have the stature and objectivity to effectively deal with the former firm professional and his or her work.

• When a former firm professional joins an audit client within one year of disassociating from the firm and the professional has significant interaction with the audit team, the next following annual audit is separately reviewed by an Independent Quality consultant to determine whether the remaining engagement team maintained the appropriate skepticism when evaluating the representations and work of a former firm professional.

• The firm requires the prompt (1) liquidation of all capital balances of former firm partner who has become employed by an audit client and all retirement funds are to be moved to the Partner or staff member. They are to have no financial interest in the firm.

Staff secondments to clients; Policy Secondment of staff will not be encouraged however to assist a client they will be entertained. Secondments will last between a few days to no more than a month. Secondments will not be facilitated where a possible conflict of interest could arise between the interests of the firm and the client. Seconded staff are entitled to maintain their terms and conditions of employment. Annual leave entitlements will remain unchanged. Day to day management of the secondee’s performance, attendance and conduct will be the responsibility of the client. Time spent on secondment will not affect continuity of service. A secondee returning from secondment will return to his or her position in the firm. The client will supply training and equipment necessary for the secondee to perform the duties and responsibilities effectively and efficiently. A secondee, may not subsequent to the secondment, be engaged on the audit team for a period of two years after the termination on the secondment. Procedures Once a request has been received by a client to have a staff member seconded to the client the firm will consider the following:

• The nature of the tasks the client intends the secondee to perform

• The skills and abilities of the identified secondee

• The length of time required by the client.

• A contract to be drawn up between the firm and the client detailing the above and the rate for the secondee.

• The contract to be signed by both parties prior to commencement of the secondee services to the client.

• When considering an audit team for an engagement to an assurance tasks all secondees can not be considered to be on the team for two years after the end of the secondment.

Payment of commission; Policy The firm has the clear and distinct policy of NOT paying any commissions to any third party for ANY work, professional or otherwise, for referral passed onto the firm. Should such an offer be made the staff or partner will indicate the firm policy, to the party in question, and terminate any further communication in this regard. The firm will NOT accept ANY commission from any vendor who supplies any goods or services to a client of the firm. Should a vendor offer such commissions to the firm, the staff or partner, will instruct the vendor to pay such commission back to the client. Any staff member who is later found to receive a commission contrary to the firm policy will face immediate dismissal and termination of their training contract. Procedures


• The payment administrator has standing instructions that no commissions are to be paid to a third party.

• Should a request be received from a third party for a commission it must be reported to the partner.

• The partner will inform the third party of the firms policy and no payment will be made.

• The bank account is monitored on a daily basis and any un recognized deposits are identified and third party will be contacted and funds returned immediately should it be necessary.

• The client and the vendor will be notified of the firm policy and the vendor may then pay such commission back to the client.

Gifts and hospitality; Policy Any gifts or hospitality offered to a staff member must be reported to the partner prior to the acceptance of the gift or hospitality. The partner will consider the nature and value of the gift or hospitality and should it be considered trivial and inconsequential and not expected to influence the auditor or staff members judgment such gift or hospitality will be accepted. Where possible such gifts or hospitality will be used by all staff of the firm. Procedures

• All staff are made aware of the policy.

• All staff are to encourage other staff members to comply with the policy.

• All gifits and hospitality will be evaluated by the partner as to its nature and value and he will decide on whether or not it may be accepted.

Non-audit services performed for audit clients (e.g.: Section 90) Policy The firm does not accept appointment from the following entities (rejection criteria):

• public companies

• state owned companies

• subsidiaries of public companies

• private companies whose MOI's require an audit

• auditor general

• Companies regulated by the FSB

• any entity which requires an audit due to taking client deposits if it has taken such a deposit during the period under review

• Entities as defined by section 290.26 of the IRBA code of professional conduct.

• Estate Agents that directly holds trust moneys as defined in the Estate Agency Affairs Act, 1976

• Any Attorney that directly holds trust money as defined in the Attorneys Act no 53 of 1979 All non assurance work is conducted by a related company, which is not subject to IRBA and who has its own staff and management structure. No non assurance work is conducted by the auditing firm.

Procedures

• All work received from a client is considered and evaluated.

• All non assurance work is then passed to the related company who performs such work for reward

• Assurance work is retained by the firm and conducted in terms of the rules surrounding the provision of assurance work

Overdue fees from audit clients. Policy Where a significant portion of the assurance fees are overdue and remain unpaid the firm will not conduct the next assurance assignment until such fees have been settled. Long outstanding fees may create a self interest threat and


should be avoided at all times. Clients need to receive statements at least once a month indicating the existence of outstanding fees. Should fees be older than 90 days the partner is required to approach the client for an explanation. Procedures

• Prior to the commencement of an assurance assignment the partner will review the debtors age analysis and determine if there are assurance fees overdue.

• Should no fees be outstanding the audit team will be identified and they can commence with the assurance engagement.

• Should significant fees be outstanding the partner will make contact with the client as t the reason for unpaid fees.

• The partner should then inform the client of the policy and delay the commencement of the engagement until such fees are paid.

2.1.9 maintenance of prohibited investment lists; As the firm does not provide assurance to listed or subsidiaries of listed entities staff are not prohibited in acquiring investments in listed entities. All staff are prohibited from acquiring an interest in any assurance client. Lists of assurance clients are provided and included in the annual declaration of independent form signed by each staff member indicating that they have no investment in any client.

2.1.10 breaches and/or waivers of ethical requirements; The code of ethics is adopted in full and all staff are required to adhere to all parts of the code of ethics. The code has been developed not only to satisfy existing legal requirements, but also to engender behaviour which exceeds the legal minimum. Staff should be familiar with the substance and spirit of the Code and should be aware that breaches may result in sanctions being imposed. All staff are encouraged to report any breaches of the code of ethics to the partner. The partners are also vigilant to identify any breaches of the IESBA code of ethics. No waiver of the code of ethics will be sanctioned unless there are extreme extenuating circumstances. Any breach reported must be fully investigated by the partner involved. All breaches are fully documented. The partner will council with all parties concerned and if appropriate seek legal advice. All members who have been found to be in breach of any ethical requirement will be sanctioned which may include counselling, disciplinary action, performance review, or civil or criminal action, depending on the nature of the breach.

2.1.11 Safeguards over the familiarity threat;

The firm policy is not to engage Listed or subsidiaries of listed companies or any client where an audit is

required by law save for entities who do Not accept client funds, and accordingly paragraph 290.151 is not

applicable to the audit partner. There is only one audit partner at the firm so partner rotation is not practical

and not an option. At least one assurance engagement per annum is referred to a qualified CA who will review

the file and comment as to the independence and quality of work. Where the partner has been the

engagement partner of an engagement for longer than 5 consecutive years, an assessment of his

independence will be conducted. This assessment will be at the discretion of the Partner. Such an assessment

will be conducted by an independent assessor that poses the necessary qualifications and experience.

The audit manager is responsible to ensure that staff are rotated and that clerks are not assigned the same

assurance client two years in a row. This not only reduces the threat of familiarity but also assists the clerks

with their training by giving them exposure to various problems and clients.

2.1.12

Policy


Carlisle Financial Services does not broker any long term or short term products. The partners and staff are

prohibited from consulting and or giving any advice regarding the advantages or disadvantages of various

products vendored by various long or short terms companies. No advice will be given as the various

assurance and insurance vendors. The partners and staff may only provide information as to the tax treatment

of the various products. No advice is to be provided regarding the benefits or any other advantage of one

company above another. Should a client request any advice or information in this regard, staff are to advise

the client to speak directly to their broker and should the client not have a broker the staff, may on request of

the client provide a contact details of any brokers we are aware of so the client can make theor choice of

whom they would prefer to use. The client is to be informed that we provide no assurance of any kind as the

quality of service or advice provided by the broker.

Procedures

All staff and partners are encouraged to report any discussion with any client requesting any advice regarding

short or long term assurance or insurance products.

The various parties are to be informed of the firms policy and no reliance is to placed on any opinion that may

have been inferred by any communication in this regard.

No formal communication is to be sent to any party regarding any request for advice or any information

regarding long or short term products.

3. Acceptance and Continuance of Client Relationships and Specific Engagements

3.1 Acceptance and Continuance

The Partner shall only accept new engagements or continue existing engagements and client relationships where it has the

capabilities, including time and resources, to do so, and can comply with ethical requirements and has considered the

integrity of the (prospective) client and has no information to conclude that the (prospective) client lacks integrity.

The Partner must approve and sign off on the decision to accept or continue an engagement in accordance with The

Partner policies and procedures.

3.1.1 Prospective New Clients

An evaluation of a prospective client and authorized approval shall be undertaken, and documented, before issuance of

any client proposal. The evaluation process will include:

• an assessment of the risks associated with the client; and

• inquiry of appropriate personnel and third parties (including the predecessor firm).

The Partner may also engage in background searches, such as making use of any online information that may be readily

available. Directors and managers' integrity of the audit client and reputation of the client as a whole must always be

considered and all information pertaining to their integrity and reputation must always be considered prior to the

commencement of an engagement by the Partner. All information obtained, whether from previous audit files or media

releases to discussions with the client and other managers should be taken into consideration by the Partner. Staff and

partners are cautioned not to simply accept loose rumors but to validate the information obtained so as not to consider

incorrect information. All possible efforts should be employed to ensure that the firm has an accurate understanding of

clients and potential clients integrity and reputation.

Procedure

• Consider information obtained in prior engagements


• Consider information obtained from prior conversations with management.

• Where information has come to light negatively affecting the reputation of a client arrange a meeting with the client

to discuss

• Consider the clients response

• Where necessary use public information like the internet and press and consider what has been reported

• Should it be considered appropriate follow management on social media and consider the integrity of the

individuals to their comments and postings

Once a determination has been made to accept a new client, the Partner shall comply with the relevant ethical

requirements (such as communicating with the former firm if required by the member body code of ethics) and will prepare

an engagement letter for signature by the new client.

3.1.2 Existing Clients

For each ongoing engagement, a documented client continuance review is required to determine whether it is appropriate to continue providing the client with services, based on the prior engagement and planning for the continuing engagement. This review will also include consideration of any rotation requirements.

3.1.3 Prospective New Clients and Existing Clients

When considering whether or not to accept or continue a particular engagement The Partner shall consider:

• Whether Carlisle Financial Services and staff are, or can reasonably become, sufficiently competent to undertake

the engagement (this would include knowledge of the industry and subject matters and experience with the

regulatory or reporting requirements);

• Access to any experts that may be required;

• Identification and availability of the individual assigned to perform the engagement quality control review (if

required);

• Any proposed use of another auditor’s or accountant’s work (including any collaboration which may be necessary

with other offices of the firm or network firms);

• The ability to meet the engagement’s reporting deadline;

• Whether there are any actual or potential conflicts of interest;

• Whether any identified independence threats have or can have safeguards applied and maintained to reduce them

to an acceptable level;

• The quality of the (potential) client’s management, as well as those charged with governance and those who control

or exert significant influence over the entity, including their integrity, competence, and business reputation (including

consideration of any lawsuits or negative publicity surrounding the organization), together with present and past firm

experience;

• The attitude of these individuals and groups towards the internal control environment and their views on aggressive

or inappropriate interpretations of accounting standards (including consideration of any modified reports that have

previously been issued and the nature of the qualifications);

• The nature of the entity’s operations, including its business practices and the fiscal health of the organization;

• Whether the Partner is under pressure from the client to keep the billable hours (fees charged) at an unreasonably

low level;

• Whether the Partner expects any scope limitations;

• Whether there are any signs of criminal involvement; and

• The reliability of the work done by the preceding firm and how this predecessor has responded to communications

(this would include knowledge of the reasons the client left the previous firm).


Should the client meet one of the rejection criteria then the firm will not accept appointment. The client will only be accepted should all the acceptance criteria be met and the firm believes that its reputation and independence will not be placed in jeopardy then the client may be accepted. The firm does not accept appointment from the following entities (rejection criteria):

• public companies

• state owned companies

• subsidiaries of public companies

• private companies whose MOI's require an audit

• auditor general

• Companies regulated by the FSB

• any entity which requires an audit due to taking client deposits if it has taken such a deposit during the period under review

• Entities as defined by section 290.26 of the IRBA code of professional conduct.

• Estate Agents that directly holds trust moneys as defined in the Estate Agency Affairs Act, 1976

Any Attorney that directly holds trust money as defined in the Attorneys Act no 53 of 1979

If, after accepting or continuing an engagement, The Partner receives information, which, if known earlier, would have

resulted in a refusal of the engagement, The Partner must consider whether to continue the engagement and will normally

seek legal advice regarding its position and options to ensure that it meets all relevant professional, regulatory, and legal

requirements.

Before accepting an engagement, the Partner will consider whether the firm is competent and has access to the necessary recourses

All staff and partners are expected to keep their knowledge up to date by following CPD requirements. Staff and partner

must keep abreast of changes in auditing standards and requirements. Should staff or partner find a weakness they are

must research the auditing skills required and update the audit manual of the firm and disseminate these techniques and or

procedures to all members of staff. Audit engagements should not be accepted where the firm does not have the available

resources. Carlisle Financial Services has employed a full-time Audit Manager. The Partner of Carlisle Financial Services

has committed to fund and provide all required resources which may reasonably be required by the firm to operate such

firm successfully.

Carlisle Financial Services may, from time to time, use Professionally Qualified Independent Specialists such as Attorneys

and Accountants with special skills, if certain aspects of the audit process require it. Such independent specialists will

however not have any decision making rights and will only act as specialist advisors to Carlisle Financial Services in terms

of the traditional Service Level Agreements of their industry segments

When requested to review other practitioners files care should be taken to identify procedures not part of the current audit manual of the firm. Procedure

• CPD of partner is monitored regularly • Partner regularly attends CPD events regarding all aspects of auditing • All staff academic performance is evaluated annually when university results are released • Only university graduates are employed • Regular performance reviews are done in line with the SAICA training office schedule • Staff are evaluated regarding competencies on a regular basis

Prior to the commencement of an assurance engagement the partner will consider the following: • time required • number of staff • Competencies required to perform the engagement • Deadline of the engagement • Special requirements of the client

Once all these factors have been considered the partner will decide if the resources are sufficient to complete the engagement.


3.2 Withdrawal from an Engagement or Client Relationship

The following process shall be followed when considering withdrawal from an engagement or client relationship:

(i) The Partner will undertake to meet with the client’s management and those charged with governance to discuss the

actions that may be taken, given the relevant facts and circumstances.

(ii) If withdrawal is consequently considered appropriate, the Partner will document the significant matters which led to the

withdrawal, including the results of any consultation, the conclusions reached, and the basis for these conclusions. The

Partner will also consider whether they have a professional, regulatory or legal obligation to report the withdrawal of

the engagement to any relevant authorities.

(iii) If there is a professional, regulatory or legal requirement which compels Carlisle Financial Services to continue the

engagement, the reasons for continuance should be documented, including consideration of consultation with the legal

counsel.

3.3 Communication with Predecessor Auditor Prior to the acceptance of professional work, the Partner will enquire from the predecessor auditor, in writing, whether there any professional or other reasons precluding the firm to accept the engagement. The firm will also request the existing auditor if there is any other information pertinent to the firm which should be considered before the acceptance of the engagement. Procedure Subsequent to the initial investigation as to whether we should accept the engagement and it is found that the firm has the resources and capabilities to accept the appointment. Also the client must not be a client in nature with whom the firm does not engage. The firm will then:

• Obtain the potential clients permission to engage with the existing auditor. • enquire as to the identity and contact details of the existing auditor. • A letter is then drafted and sent to the existing auditor. • 14 days is then allowed to elapse and should no response be forthcoming the firm will then attempt to make contact

to enquire as to the lack of response. • Once the response is received it will be reviewed by the partner and its contents considered. • Should there be an absence of any professional reason then the appointment will be accepted. • Should the existing auditor bring information to the fore which was not uncovered in the initial investigation those

facts will be considered • It may lead to further investigation as to whether the engagement will be accepted. • The partner will make the final decision as to acceptance of the client.


4. Human Resources

Carlisle Financial Services recognizes the value and authority of the HR in all human resource matters. The HR has

responsibility for:

• Maintenance and implementation of human resource policies designed to provide reasonable assurance that the

Carlisle Financial Services has sufficient personnel with the competence, capabilities, and commitment to ethical

principles necessary to:

◦ Perform engagements in accordance with professional standards and applicable legal and regulatory requirements;

and

◦ Enable the firm to issue reports that are appropriate in the circumstances;

• Identifying required policy changes resulting from labor laws and regulations and to remain competitive in the

marketplace;

• Providing guidance and consultation on human resource related matters;

• Maintenance of performance evaluation appraisal systems;

• As requested, recommending specific actions or procedures appropriate to the circumstance (for example discipline,

recruitment);

• Developing, and periodically monitoring, an annual training and professional development plan for all personnel;

• Development and delivery of orientation training; and

• Maintenance of personnel files (including annual declarations of independence, acknowledgement of confidentiality,

and training and continuing professional development reports)

4.1 Recruitment and Retention

The firm only employs clerks who have a B Comm degree and intend to study towards graduating as a Chartered Accountant. The firm only employs enough clerks to satisfy its current demand from clients and its ability - current experienced staff - to provide adequate training to recruits. All new recruits are expected to have their own transport and live with in a reasonable proximity to the firm. Suitable candidates are required to perform a skills test at the firm and only candidates who pass are asked to an interview. All new staff members are required to serve a three month probationary period. Due to the nature of the firms activities ( being auditors in public practice), the firm exercises caution with regards to the Human resource. The firm follows the guidelines in the Auditing Profession Act no 26 of 2005, section 37(3) in selecting its personnel, as such no person that has a criminal record, Persons declared by a competent court to be of unsound mind or has been removed from an office of trust due to misconduct. As the firm deals with sensitive information, at the Partners discretion, no person that has been declared insolvent may be employed,

The Partner must assess professional service requirements in order to ensure they have the capacity and competence

necessary to meet clients’ needs. This will ordinarily include developing a detailed expectation of engagement

requirements over the course of each calendar period in order to identify peak periods and potential resource

shortages.

The Partner uses current application, interviewing, and documentation processes with respect to hiring. The Partner

will consider the following items when the Partner is seeking candidates for employment, the partner will employ

personnel to ensure that the firm has competent and sufficient personnel to perform engagements, this is in line with

the guidelines provided by A29 of ISQC 1:

• Verifying academic and professional credentials and checking references; • Clarifying gaps in time on candidates’ resumes; • Considering credit and criminal-record checks; • Clarifying with candidates the firm’s requirement to state in writing, annually and for each assurance

engagement, whether they are independent and free of conflict of interest; and • Informing candidates of the requirement to sign a declaration regarding understanding of and compliance with

the firm’s confidentiality policy


The Partner provides all new personnel orientation information as soon as is practical after commencing employment

with Carlisle Financial Services. The orientation materials include a complete copy of the Carlisle Financial Services’

policies and procedures. A probationary period of 3 (THREE) months applies to all new personnel.

The Partner endeavors to identify opportunities for the personnel’s career development in order to retain competent

staff and to provide for Carlisle Financial Services’ sustainability and continued growth.

The Partner periodically reviews the effectiveness of the recruitment program together with an assessment of the Carlisle Financial Services’ current resource needs to identify whether revisions to the program are required.

The Partner provides all new personnel orientation information as soon as is practical after commencing employment

with Carlisle Financial Services. The orientation materials include a complete copy of the Carlisle Financial Services’

policies and procedures. A probationary period of 3 (THREE) months applies to all new personnel.

The Partner endeavors to identify opportunities for the personnel’s career development in order to retain competent

staff and to provide for Carlisle Financial Services’ sustainability and continued growth.

The Partner periodically reviews the effectiveness of the recruitment program together with an assessment of the Carlisle Financial Services’ current resource needs to identify whether revisions to the program are required. ii. Performance evaluation; Policies Compliance with the firms policies will feature prominently in the evaluation of individual staff members, both on an ongoing basis and in the regularly scheduled personnel review process. Appropriate weighting will be assigned to the traits identified in the assessment of job performance and in determining remuneration levels, bonuses, advancement, career development, and authority within the firm. Quality shall feature prominently in such weighting. Academic advancement also is also considered under performance evaluation. Procedures

Performance appraisals are conducted on a regular basis in line with the SAICA training office guidelines. Annually academic progress is considered with the universities releasing their results. Annually staff meetings are held and advancements and increases are overall progress is discussed. All new recruits are sent on an induction session with an outside consultant - Evan Noik - who outlines the expectations of the firm and professional and advancement iii. Capabilities; Policies The staff capabilities and competence must be regularly reviewed and staff improvements monitored. Areas where staff members have not improved their competence and capabilities must be identified and strategies adopted to counter this lack of improvement. Procedures All staff are required to bi monthly complete TSR's and PSR's which identifies all areas of professional competence and a scoring is weighted to each area clearly identifying areas of professional competence where staff have made improvements and those that have not. A strategy is then implemented to assist the staff member to improve in that particular area iv. Competence;


Policies The staff capabilities and competence must be regularly reviewed and staff improvements monitored. Areas where staff members have not improved their competence and capabilities must be identified and strategies adopted to counter this lack of improvement. Procedures All staff are required to bi monthly complete TSR's and PSR's which identifies all areas of professional competence and a scoring is weighted to each area clearly identifying areas of professional competence where staff have made improvements and those that have not. A strategy is then implemented to assist the staff member to improve in that particular area v. Career development; Policies Providing opportunities for its personnel’s career development will enhance the firm’s ability to retain competent professionals, which will in turn support sustainability and continued growth Procedures The firm periodically review the effectiveness of its recruitment program together with an assessment of its current resource needs to identify whether revisions to the program are required. vi. Promotion; Policies Promotion in the firm must be linked to the staff members abilities and academic progress. Staff members who show a willingness to participate in the overall firms goals and core values are to be promoted Procedures Completion of bi monthly and TSR and PSR's and academic progress is considered by the partner when deciding on staff promotion vii. Estimation of personnel needs; Policies To ensure the firm has the capacity and competence necessary to meet its clients’ needs, it is necessary for the firm to routinely assess its professional service requirements. The firm will consider the following: A detailed expectation of engagement requirements over the course of each calendar year in order to identify peak periods and potential resource shortages Maintaining standards for new recruits and provide candidates with an explanation of these expected qualifications during the recruitment process; Procedures Annually the partner will review the new year and prepare a budget. In so doing understand the peak and low periods of the year. At the same time review the capabilities of the current staff and decide on the optimum number of staff viii. Disciplinary actions; Policies


The firm’s quality control system requires more than just effective monitoring. An enforcement process is essential, and includes consequences and corrective procedures for non-compliance, disregard, lack of due care and attention, abuse, and circumvention. To this end it should be note the firm has the right and a responsibility to manage its business and direct its employees in doing so. The firm reserves the right to implement rules or to establish standards of performance and behaviour and the measurement thereof. Disciplinary action taken by the firm should at all times conform to the Code of Good Practice of the Labour Relations Act. An employee has the right to be represented by a fellow employee at any stage of a disciplinary procedure Procedures Some rules or standards in the workplace are so well established that it is not necessary to communicate them in this procedure. However, some have been listed in the schedule attached hereto. Before a problem becomes a disciplinary issue, a supervisor may guide, inform or remind the employee informally on the applicable rule or performance situation. Such counselling is not viewed to form part of formal disciplinary action but is rather part of a day-to-day communication within the company. Formal procedures do not have to be invoked every time a rule is broken or standard is not met. Informal advice and correction is accepted as the best and most effective way for the company to deal with minor violations of work discipline. Repeated misconduct warrants warnings, which themselves may be graded according to degree of severity. More serious infringements or repeated misconduct may call for a final warning or other action short of dismissal. Dismissal would be reserved for cases of serious misconduct or repeated offences. The seriousness of the offence will determine the action to be taken and not necessarily, the number of occasions the transgressions were committed. Step 1: Verbal warnings Step 1 will not apply in cases of serious misconduct. This will normally be the first formal action instituted against an employee for failure to meet performance requirements, breach of the terms of employment of the company or other work rules. These warnings will normally be given by the employee's immediate supervisor. Warnings of this nature must be given as soon as possible after the offence became known. Step 2: Written warning These written warnings may be used when the verbal warning(s) fail(s) to produce the required results or where stronger action than a verbal warning is required. The supervisor can record, in writing, the incident that gave rise to the issuing of such written warning, (see Annexure "E") A copy of the warning shall be handed to the employee for which the employee shall be required to sign acknowledgement of receipt. If refusing to sign, a witness should sign in the presence of the accused, confirming that the warning was issued. A copy of such warning will be included in the employee's personnel file. Written warnings should be issued as soon as possible after the incident carne to management's attention. Written warnings shall remain valid for a period of six (6) months. Step 3: Final Written Warnings:


This step may be used where previous verbal and written warnings had failed to produce required results and/ or where stronger action than the abovementioned is required. The relevant supervisor will record in writing the incident which gave rise to the issuing of the final written warning, A copy of the warning shall be handed to the employee for which the employee shall be required to sign acknowledgement of receipt. - A copy of such final warning will be included in the employee's personnel file. Final Written Warnings should be issued as soon as possible after the incident came to management's attention. Final Written Warnings shall remain valid for a period of six (6) months. Step 4: Dismissal This step may be used where previous written warnings have failed to produce required results or stronger action than either First or Final Warnings are necessary due to the seriousness of the offence. Following a pre-investigation, the relevant supervisor will record in writing the incident, in the form of a notification to attend a disciplinary hearing. The employee shall be issued with a copy of such notice and the hearing shall be set down in accordance to this procedure. The employee is entitled to reasonable time to prepare for the hearing. If possible, an impartial chairperson will be appointed, alternatively, the designated manager will act as chairperson of the said disciplinary hearing. The employee will be afforded an opportunity to state his case in response to any allegation. After having listened to the evidence presented by the supervisor or any other initiator, the chairperson will consider whether the employee is guilty or not of the charges. In the event of the chairperson determining that the employee is guilty of the charges, the employee will be requested to offer mitigating circumstances prior to a decision with regard to the penalty being taken. After considering all the evidence and documents placed before the hearing and after having given due consideration to any mitigation offered by the employee, the chairperson may decide to terminate the services of the employee, or any other appropriate action. (See Annexure "G") If the employee is dismissed, the employee will be given the reasons for the dismissal in writing and will be reminded of any rights in terms of the Labour Relations Act ix. Attendance and offering of courses; Policies The partner and staff who have completed their university studies must meet the minimum continuing professional development requirements as defined by the IRBA and any additional identified training needs which are appropriate for their level and responsibilities. Attendance at external professional development courses must be approved by the Partner The partner and staff are responsible for maintaining their own professional development records through use of the SAICA website. Procedures The partner collects and reviews these records annually in order to ensure the required training and CPD has been undertaken and, if relevant, to determine appropriate actions to address any shortfalls.


x. Development needs; Policies All staff are required to ensure that they continually develop their skills. Areas where development is required must be identified and suitable strategies adopted to ensure that staff members obtain opportunities to improve on areas requiring development. Procedures • Staff members are required to complete bi Monthly PSR's and TSR's • These forms are evaluated by the skills development facilitator • Bi monthly he meets with the staff member and discusses the progress made • Areas where development are required are identified and strategies developed in order to remedy the situation.

4.2 Training and Continuing Professional Development (CPD)

Carlisle Financial Services and staff must meet the minimum continuing professional development requirements as

defined in SAICA’s code of professional conduct and any additional identified training needs which are appropriate for

their level and responsibilities.

Attendance at external professional development courses must be approved by HR.

The Partner and staff are responsible for maintaining their own professional development records (and, where

applicable, adhering to the firm’s guidelines). The Partner or HR collects and reviews these records annually in order to

ensure the required training and CPD has been undertaken and, if relevant, to determine appropriate actions to address

any shortfalls.

Assessment of Partners and Staff competencies

The partner is required to regularly attend CPD courses. The partner is required at a minimum of every second year to

attend formal training in areas of accounting or auditing which comprise of formal dedicated training by a formal outside

training company. All staff are required to ensure that they continually develop their skills. Areas where development is

required must be identified and suitable strategies adopted to ensure that staff members obtain opportunities to improve

on areas requiring development.

The partner will identify suitable formal training course and attend it.

Staff members are required to complete bi Monthly PSR's and TSR's These forms are evaluated by the skills

development facilitator

• Bi monthly he meets with the staff member and discusses the progress made

• Areas where development are required are identified and strategies developed in order to remedy the situation.

4.3 Assignment of Engagement Teams

Through its policies and procedures, the Partner ensures the assignment of appropriate staff (individually and

collectively) to each engagement. The responsibilities of the Partner are clearly defined in section 5.1 of this manual and

in the engagement templates provided by Carlisle Financial Services. The Partner is also responsible for ensuring that

the individuals assigned, and the engagement team as a whole, have the necessary competencies to complete the

engagement according to professional standards and the firm’s quality control system.


When determining the appropriate personnel to assign to an engagement, particular attention will be given to their technical knowledge, qualifications and experience. Continuity with the client, balanced with rotation requirements, will also be considered.

The Partner will also plan for coaching opportunities between junior and senior personnel to guide the development of

less experienced staff.

4.4 Enforcement of Quality Control Policies (Discipline)

Carlisle Financial Services’ quality control system requires more than just effective monitoring. An enforcement process

is essential, and includes consequences and corrective procedures for non-compliance, disregard, lack of due care and

attention, abuse, and circumvention.

The Partner has overall responsibility for the disciplinary process. Corrective action is determined and administered

through a consultative process, not in an autocratic fashion. The corrective action taken will depend on the

circumstances.

Serious, willful, and repeated infractions or disregard for Carlisle Financial Services’ policies and professional rules

cannot be tolerated. Appropriate steps must be taken to correct the staff member’s behavior or terminate the person’s

relationship with Carlisle Financial Services.

Corrective action taken by the Partner will depend on the circumstances. Such actions might include, but are not limited

to: • Interviewing the person(s) involved to establish the facts and discuss causes and solutions;

• Counselling and/or mentoring; and

• Conducting follow-up interviews to ensure compliance has improved or to caution the staff involved that stronger

corrective action will otherwise be required to protect the interest of clients and the firm, such as:

◦ Reprimand (either oral or written);

◦ Mandatory requirement to complete defined continuing professional development;

◦ Written record filed in the personnel file;

◦ Employment suspension;

◦ Termination of employment; or

◦ Formal notification filed with the professional association’s discipline committee.

4.5 Rewarding Compliance

Compliance with Carlisle Financial Services’ policies will feature prominently in the evaluation of individual staff

members, both on an ongoing basis and in the regularly scheduled personnel review process.

Appropriate weighting will be assigned to the traits identified in the assessment of job performance and in determining remuneration levels, bonuses, advancement, career development, and authority within the firm. Quality shall feature prominently in such weighting.

Performance appraisals, conducted on a periodic basis, will include the form and content as defined by the

SP’s policy(Performance review form VER.INF.4.1.)

5. Engagement Performance

Through established policies and procedures and its quality control system, Carlisle Financial Services requires that

engagements be performed according to professional standards and applicable regulatory and legal requirements.


Carlisle Financial Services’ overall systems are designed to provide reasonable assurance that the staff are adequately

and properly planned, supervised, and reviewed and that the engagement reports are appropriate in the circumstances.

To facilitate staff performance on engagements consistently and according to professional standards and regulatory and

legal requirements, Carlisle Financial Services provides sample working paper templates for documenting the

engagement process for clients. These templates are updated as required to reflect any changes in professional

standards. Staff use these templates to document key facts, risks, and assessments related to acceptance or

continuation of each engagement. Staff are encouraged to exercise professional judgment when modifying such

templates to ensure that such matters are appropriately documented and assessed for each engagement in accordance

with professional standards and firm policies.

Also available are research tools and reference materials; a quality control system, as set out in this manual; appropriate

industry-standard software and hardware tools, including data and system access security and guidance; training, and

education policies and programs, including support for compliance with [state applicable jurisdiction] professional

development requirements.

Supervision and review responsibilities shall be determined by The Partner and may vary between engagements.

Review responsibilities shall be determined on the basis that the work of less experienced team members is reviewed

by more experienced engagement team members. Reviewers shall consider whether engagement teams have:

• Used (modifying as appropriate) Carlisle Financial Services’ templates for file preparation, documentation, and

correspondence, as well as its software, research tools, and the signing and release procedures appropriate for

the engagement;

• Followed and adhered to the ethical policies of the firm;

• Performed their work to professional and the Carlisle Financial Services’ standards with due care and attention;

• Documented their work, analysis, consultations, and conclusions sufficiently and appropriately;

• Completed their work with objectivity and appropriate independence, on a timely and efficient basis, and

documented the work in an organized, systematic, complete, and legible manner;

• Ensured that all working papers, file documents, and memoranda are initialled, properly cross- referenced, and

dated, with appropriate consultation on difficult or contentious matters;

• Ensured that appropriate client communications, representations, reviews, and responsibilities are clearly

established and documented; and

• Ensured that the engagement report reflects the work performed and intended purpose and is issued soon after

the fieldwork is complete.

5.1 Role of the Partner as Engagement Leader

The engagement leader is responsible for signing the engagement report. As leader of the engagement team, The

Partner is responsible for:

• The overall quality for each engagement;

• Forming a conclusion on compliance with requirements relating to independence from the client, and in doing so,

obtaining the information required to identify threats to independence, taking action to eliminate such threats or

reduce them to an acceptable level by applying appropriate safeguards, and ensuring appropriate documentation is

completed;

• Ensuring that appropriate procedures regarding the acceptance and continuance of client relationships have been

followed, and that conclusions reached in this regard are appropriate and have been documented;

• Ensuring that the engagement team collectively has the appropriate competence and capabilities to perform the

engagement in accordance with professional standards and applicable legal and regulatory requirements;


• Supervising and/or performing the engagement in compliance with professional standards and regulatory and legal

requirements, and ensuring that the engagement report issued is appropriate in the circumstances;

• Communicating to key members of the client’s management and those charged with governance the

Carlisle Financial Services’ identity and role as engagement leader;

• Ensuring, through review of the engagement documentation and discussion with the engagement team, that sufficient appropriate evidence has been obtained to support the conclusions reached and for the engagement report to be issued;

• Taking responsibility for the engagement team by undertaking appropriate consultation (both internal and external)

on difficult or contentious matters; and

• Ensuring a QCR is appointed when required by professional standards and/or the Carlisle Financial Services’

policy; discussing significant matters arising during the engagement and identified during the engagement quality

control review with the QCR; and not dating the report until the review is complete. 5.2 Consultation

The Partner encourages consultation among the engagement team and, for significant matters with others inside and,

with authorization, outside the firm. Internal consultation uses the Carlisle Financial Services’ collective experience and

expertise (or that available to Carlisle Financial Services) to reduce the risk of error and improve the quality of

engagement performance. A consultative environment improves the Carlisle Financial Services’ or staff ’s learning and

development process and adds strength to Carlisle Financial Services’ collective knowledge base, quality control

system, and professional capabilities.

For any significant, difficult, or contentious issue identified during planning or throughout the engagement, The Partner

shall consult suitably qualified external persons.

When external consultation is required, the situation shall be sufficiently documented providing enough detail to allow file

readers to understand the full extent of the nature of the consultation, the external expert’s qualifications and relevant

competencies, and the course of action recommended. The external expert shall be supplied with all relevant facts to be

able to provide informed advice. When seeking advice, it is not appropriate to withhold facts or direct the information

flow in order to get a particular desired result. The external expert shall be independent of the client, free of conflict of

interest, and held to a high standard of objectivity.

The external expert’s advice will ordinarily be implemented as the resolution or form part of the resolution of the

contentious issue. If the advice is not implemented or is substantially different from the conclusion, there shall be an

explanation documenting the reasons and alternatives considered, with (or cross-referenced to) the consultation record

provided by the Partner.

If more than one consultation is completed, a summary of the general discussions and range of opinions or options

provided shall be added to the working papers. The final position(s) adopted and the reasons for this shall also be

documented.

The Partner will make the final decision on all such matters, and will document the consultations and the reasons for the

final decision.

5.3 Differences of Opinion

The Partner and staff shall strive to be objective, conscientious, open-minded, and reasonable in assisting, facilitating, or

reaching a timely and non-confrontational resolution of any disputes or differences of opinion between personnel.


Anyone who is party to a dispute or difference of opinion shall attempt to resolve the matter in a timely, professional,

respectful, and courteous manner through discussion, research, and consultation with the other individual(s).

The Partner will consider the matter promptly and decide, through consultation with the parties, how to resolve the

matter. The Partner shall then inform the parties of this decision and the reasons behind it. In all cases, the nature and

scope of, and conclusions resulting from, consultations undertaken during the course of the engagement shall be

documented.

All staff are protected from any form of retribution, career limitation, or punitive actions for bringing attention to a legitimate

and significant issue, in good faith and with the true interests of the public, client, the Partner, or co- worker in mind.

If the individual is still not satisfied with the matter’s resolution and no further recourse is available within Carlisle

Financial Services, the individual will need to consider the matter’s significance, along with his or her position or

continuing employment with Carlisle Financial Services.

Disputes or differences of opinion shall be documented appropriately. In all instances, the engagement report will not be

dated until the matter is resolved.

5.4 Engagement Quality Control Review (EQCR)

All engagements must be assessed against the Carlisle Financial Services’ established criteria to determine whether an

EQCR shall be performed. This assessment should be made, in the case of a new client relationship, before the

engagement is accepted, and in the case of a continuing client, during the planning phase of the engagement.

The Carlisle Financial Services’ policy shall require the resolution of all issues raised by the QCR, to their satisfaction,

before dating the engagement report.

An EQCR is required before dating any audit report of the financial statements of listed entities. In any other

circumstances where an EQCR is conducted, the engagement report shall not be dated until completion of the EQCR.

Examples of criteria where Carlisle Financial Services may wish to require an EQCR:

• It is part of a set of safeguards applied where Carlisle Financial Services has a significant and recurring independence

threat resulting from a prolonged close personal relationship or close business relationship with the client, which had

been previously reduced to an acceptable level by other safeguards;

• An identified threat to independence involving the Partner is recurring and deemed significant but use of an EQCR may reasonably reduce these threats to an acceptable level;

• The engagement’s subject matter relates to organizations that are important to specific communities or the general

public;

• A large number of passive shareholders, equivalent-ownership unit holders, partners, co-venturers, beneficiaries, or

other similar parties receive and rely on the engagement report;

• There is significant risk identified and associated with the decision to accept or continue the engagement;

• There are questions about an entity’s ability to continue as a going concern, and the potential impact to third-party

users (other than management) is significant;

• Substantial impacts and risks to users involve new and very complex specialized transactions, such as derivatives

and hedges, stock-based compensation, unusual financial instruments, extensive use of management estimates, and

judgments that potentially have significant impact to third-party users;

• The entity is a large private entity (or related group under the responsibility of the same engagement partner); and


• The total fees paid by the client represent a large proportion to Carlisle Financial Services’ (for example, greater than 5%). Additionally, there may be factors which trigger an engagement quality control review after an engagement has already commenced. These may include situations where:

• The risk of the engagement has increased during the engagement, for example, where the client becomes the focus

of a takeover;

• There is concern among engagement team members that the report may not be appropriate in the circumstances;

• New and significant users of the financial statements are identified; The client is subject to significant litigation

which was not present during the engagement acceptance process;

• The significance and disposition of corrected and uncorrected misstatements identified during the engagement are a

concern;

• There have been disagreements with management on significant accounting matters or audit scope limitations; and

• There have been scope limitations.

5.4.1 Nature, Timing, and Extent of an Engagement Quality Control Review

The decision to conduct an EQCR, even if the engagement meets the criteria, and the extent of the EQCR, will depend

on the engagement’s complexity and associated risks. An EQCR does not diminish the Partner’s responsibility for the

engagement.

The EQCR shall include, as a minimum:

• Discussion of significant matters with the Partner;

• Review of the financial statements or other subject matter information and the proposed report;

• Review of selected working paper file documentation relating to the significant judgments the engagement team made

and the conclusions it reached; and

• Evaluation of the conclusions reached in formulating the report and consideration of whether the proposed report is

appropriate.

The QCR shall use a standardized engagement quality control checklist in order to complete the review and provide

appropriate documentation of such review.

For listed entities (and other organizations if included in Carlisle Financial Services’ policy), the EQCR must also consider: • The engagement team’s evaluation of Carlisle Financial Services’ independence in relation to the specific engagement;

• Whether appropriate consultation has taken place on matters involving differences of opinion or other difficult or

contentious matters, and the conclusions arising from those consultations; and

• Whether documentation selected for review reflects the work performed in relation to the significant judgments made

and supports the conclusions reached.

The Partner should allow a minimum of 10(TEN) business days from the release date for the EQCR, with two of those

days allocated for clearance of the review and completion. The time allowed for larger, more complex engagements

must naturally be substantially longer. The engagement report shall not be dated until the completion of the engagement

quality control review.

5.4.2 Engagement Quality Control Reviewer (QCR)

The Partner is responsible for establishing criteria for the appointment of QCRs and determining their eligibility. The

QCR must be objective, independent, and a suitably qualified external person who has time to fulfill this role. The

characteristics commonly attributed to a candidate suitable to serve this role include superior technical knowledge of

current accounting and assurance standards and a breadth of experience which would be exhibited at a senior level.


The QCR cannot be a member of the engagement team and cannot, directly or indirectly, review his or her own work, or

make important decisions regarding the performance of the engagement.

It is not unusual for the engagement team to consult with the QCR during the engagement. This will not normally

compromise the QCR’s objectivity, as long as The Partner (and not the QCR) makes the final decisions and the issue is

not overly significant. This process can avoid differences of opinion later in the engagement.

If the objectivity of the QCR becomes compromised following a consultation on a specific matter, the Partner should

appoint an alternate QCR.

6. Monitoring

The quality control policies and procedures are a key part of the Carlisle Financial Services’ internal control system.

Monitoring is a distinct component of the quality control system. It consists primarily of understanding the quality control

system and determining — through interviews, walk-through tests, and inspections of engagement files and other

documentation relevant to the operation of the quality control system (for example, training and continuing professional

development records and independence confirmations) — whether, and to what extent, this control system is designed

and operating effectively. It also includes developing recommendations to improve the system, especially if weaknesses

are detected or if professional standards and practices have changed.

The Partner shall designate responsibility for the monitoring process to a suitably experienced and independent party

(the monitor), most likely an external person.

The Partner and the monitor must be mindful of the need to inspect the quality control system for continuing

effectiveness in light of recent developments and to test controls periodically through formal monitoring at the

engagement file level to ensure the controls are working effectively and are not being deliberately circumvented or

applied with less rigour than intended.

Peter Carlisle and the monitor will also consider any feedback received from the senior Partner at BE Reese and Co

Registered Auditors file inspection and licensing regime. However, this is not a substitute for the Carlisle Financial

Services' own monitoring program.

6.1 Monitoring Program

The responsibility for monitoring the application of quality control policies and procedures is separate from the overall

responsibility for quality control.

The quality control system has been designed to provide Carlisle Financial Services with reasonable assurance that

significant and sustained breaches of policy and quality control are unlikely to occur or go undetected. The purpose of

the monitoring program is to assist Carlisle Financial Services in obtaining reasonable assurance that its policies and

procedures relating to the system of quality control are relevant, adequate, and operating effectively. The program shall

also help ensure compliance with practice and regulatory review requirements.

The Partner and staff must co-operate with the monitor, recognizing that this individual is an essential part of the quality

control system. Disagreement, non-compliance with, or disregard for the monitor’s findings shall be resolved through the

Carlisle Financial Services’ dispute resolution process (see section 5.3 of this manual).

The suitably qualified external person(s) who conduct the review will follow the Carlisle Financial Services’ established

procedures for monitoring.

6.2 Inspection Procedures


Monitoring of Carlisle Financial Services’ quality control system will be completed on an annual basis. As part of the

monitoring program, a selection of completed engagements shall be inspected, which may be chosen without prior

notification to the engagement team.

The monitor will consider the results of previous monitoring, the nature and extent of authority given to staff, the nature

and complexity of the Carlisle Financial Services’ practice, and the specific risks associated with the Carlisle Financial

Services’ client when designing the inspection.

The Partner will instruct the monitor to prepare appropriate documentation of inspections that will include:

• The results from evaluating elements of the quality control system;

• An evaluation of whether The Partner has appropriately applied quality control policies and procedures;

• An evaluation of whether the engagement report is appropriate in the circumstances;

• Identification of any deficiencies, the underlying reasons why they arose, their effect, and a decision on whether

further action is necessary, describing this action in detail; and

• A summary of results and conclusions reached (provided to Carlisle Financial Services), with recommendations

for corrective actions or changes needed.

The Partner will meet with the monitor (along with other appropriate personnel) to review the report and decide on the

corrective action and/or changes to make to the system, roles and responsibilities, disciplinary action, recognition, and

other matters as determined.

6.3 Evaluating, Communicating, and Remedying Deficiencies

The Partner shall consider whether the identified deficiencies indicate structural flaws in the quality control system or

demonstrate non-compliance by Carlisle Financial Services or a particular staff member. The Partner shall also

communicate all deficiencies detected and reported by the monitor to the relevant personnel, together with

recommendations for remedial action.

Recommendations to address reported deficiencies shall focus on addressing the underlying reasons for those

deficiencies and shall include one or more of the following:

• Take appropriate remedial action in relation to the individual engagement or member(s) of personnel

(for example, as set out in section 6.4.1 below);

• Communicate the findings to the HR;

• Amend the quality control policies and procedures; and

• Take disciplinary action in line with section 4.4 of this manual.

If it appears that the Carlisle Financial Services has issued an inappropriate engagement report or that the engagement

report’s subject matter contained a misstatement or inaccuracy, The Partner shall determine what further actions are

appropriate in order to comply with professional standards and regulatory and legal requirements. In such a

circumstance, The Partner will also consider obtaining legal advice.

If deficiencies are determined to be systemic or repetitive, immediate corrective action will be taken. In most cases,

deficiencies related to independence and conflict of interest will require immediate corrective action.

6.4 Report on the Results of Monitoring

After completing the assessment of the quality control system, the monitor must report the results to The Partner. The

report must be sufficient to enable The Partner to take prompt and appropriate action where necessary, and must also

include a description of the procedures performed and the conclusions drawn from the review. If


systemic, repetitive, or significant deficiencies are noted, the report must also include the action taken, or proposed, to

resolve them.

The monitor’s report will, at a minimum, include:

• A description of monitoring procedures performed;

• The conclusions drawn from monitoring procedures; and

• Where relevant, a description of systemic, repetitive or other significant deficiencies and of the actions taken,

together with any further recommended actions, to resolve these deficiencies (Internal Audit Report VER.REP.2.1)

6.4.1 Non-compliance

Non-compliance with the Carlisle Financial Services’ quality control system is a serious matter, particularly if staff has

willfully refused to comply with the Carlisle Financial Services’ policy.

Since the quality control system is in place to protect the public interest, the Partner will address willful non- compliance

transparently and rigorously. Willful non-compliance will be addressed in a number of ways, including instituting a plan to

improve performance; performance reviews and reconsideration of opportunities for promotion and increased

compensation; and ultimately termination of employment.

6.5 Complaints and Allegations

The Partner manages all matters concerning complaints and allegations that the work performed by the firm fails to

comply with professional standards and applicable legal and regulatory requirements, and allegations of non-compliance

with the firm’s quality control system.

Complaints and allegations — particularly concerning failure to exercise a duty of care in relation to client work, or other

breach of professional or legal duties by staff toward each other or clients — are serious matters. The Partner shall give

serious consideration to notifying the firm’s professional liability insurance company and/or seeking legal advice. If there

is any uncertainty, the Partner shall consult other trusted external professional colleagues.

Any complaint received from a client or other third party will be responded to at the earliest practical moment, with an

acknowledgement that the matter is being attended to, and that a response will be forthcoming after it has been

appropriately investigated.

The Partner maintains a defined policy with accompanying procedures that details the procedures to be followed if a

complaint or allegation arises.

The process provides that all staff are free to raise concerns without fear of reprisal.

7. Documentation

7.1 Documentation of the Carlisle Financial Service’ Policies and Procedures

All client related information shall be kept in electronic format, this includes working paper files and all other related

documentation. All electronic non documents are to be scanned in as used to reference working papers. No hard copies

are to be kept by the firm, they must either be returned to the client or be destroyed. All documents and working paper

will be set on the server to be reviewed and once reviewed and the files signed off they are to be removed and stored in

a secure location which has no internet connectivity. Three copies of all the data must be kept on separate devices all in

separate locations and without internet connectivity. All data so kept will be kept indefinitely. In subsequent years when

clerks require access to previous working papers the relevant files will be loaded on the server and removed once the

assurance engagement is completed for the current year. The Partner maintains policies and procedures that specify


the level and extent of documentation required in all engagements and for general use (as established in Carlisle

Financial Services’ manual/engagement templates). The Partner also maintains policies and procedures requiring

appropriate documentation to provide evidence of the operation of each element of its system of quality control for a

period of time sufficient to permit those performing monitoring procedures to evaluate the firm’s compliance with its

system of quality control, or for a longer period if required by law or regulation.

These policies ensure that documentation is sufficient and appropriate to provide evidence of:

• Adherence to each element of the Carlisle Financial Services’ quality control system; and

• Support for each engagement report issued, according to professional and Carlisle Financial Services standards and

regulatory and legal requirements, together with evidence that the EQCR has been completed on or before the date

of the report (if applicable). 7.2 Documentation of the Engagement

It is the Carlisle Financial Services’ policy that engagement documentation shall include:

• Engagement planning checklist or memorandum;

• Identified issues with respect to ethics requirements (including demonstration of compliance);

• Compliance with independence requirements and documentation of any discussions related to these issues;

• Conclusions reached with respect to acceptance and continuance of client relationship;

• Procedures performed to assess the risk of material misstatement due to fraud or error at the financial statement and

assertion level;

• Nature, timing, and extent of procedures performed in response to assessed risk including results and conclusions;

• Nature, scope, and conclusions drawn from consultations;

• All communications issued and received;

• Results of the EQCR which has been completed on or before the date of the report;

• Confirmation that no unresolved matters exist that would cause the reviewer to believe that the significant judgments

made and conclusions drawn were not appropriate;

• Conclusion that sufficient, appropriate audit evidence has been accumulated and evaluated, and supports the report

to be issued; and

• File closing, including appropriate sign-off.

The Carlisle Financial Services’ policy requires that final assembly of the engagement file be completed within 60 (SIXTY) days. If there are two or more reports issued for the same subject matter information, the Carlisle Financial Services’ policy should indicate that the time limits for assembly of the engagement file should be such that each report is treated as if it were a separate engagement.

Engagement documentation of any kind must be retained for a period of no less than 5(FIVE) years to allow those

performing monitoring procedures to evaluate the extent of the Carlisle Financial Services’ compliance with its internal

control system, as well as the needs of the firm, as required by professional standards, law, or regulations.

7.3 Documentation of the Engagement Quality Control Review

Each professional engaged by Carlisle Financial Services serving in the capacity of QCR must complete the Carlisle

Financial Services’ standardized EQCR checklist, in order to provide documentation that the review was performed. This

must include confirmation and supporting evidence or cross-references to it, affirming that:

• Appropriately qualified external professional(s) have performed the procedures required for an EQCR;

• The review was completed on or before the date of the engagement report;

• No unresolved matters have come to the QCR’s attention that would cause him or her to believe that the significant

judgments the engagement team made and the conclusions reached were not appropriate.


7.4 File Access and Retention

Carlisle Financial Services has established policies and procedures designed to maintain the confidentiality, safe

custody, integrity, accessibility, and retrievability of the engagement documentation.

These policies include consideration of various retention requirements under statute and regulations to ensure that

engagement documentation is retained for a period sufficient to meet the needs of Carlisle Financial Services.

All working papers, reports, and other documents prepared by Carlisle Financial Services, including client-prepared

worksheets, are confidential and shall be protected from unauthorized access.

The Partner must approve all external requests to review working papers. Working papers will not be made available to

third parties unless:

• The client has authorized disclosure in writing;

• There is a professional duty to disclose the information;

• Disclosure is required by a legal or judicial process; or

• Disclosure is required by law or regulation.

Unless prohibited by law, the Partner must inform and obtain written authorization from the client before making working

papers available for review. An authorization letter must be obtained when there is a request to review files from a

prospective purchaser, investor, or lender. Legal advice shall be sought if the client does not authorize disclosure of

information.

In the event of litigation or potential litigation, or regulatory or administrative proceedings, working papers shall not be

provided without obtaining consent from the Carlisle Financial Service’ legal counsel.

The Carlisle Financial Service’ policy dictates the number of years for which retention will apply for each of the following

types of files:

Permanent files 7 years

Tax files 7 years

Financial statements and reports 7 years

Annual or periodic working papers 5 years

Correspondence 5 years

The minimum retention period for former client working papers and files shall be 5(FIVE) years.

An accessible, permanent record of all files stored off-site will be maintained, and each storage container will be

appropriately labelled for easy identification and retrieval. The Partner shall approve any destruction of files and keep

permanent records of all materials destroyed.

7.5 Complaints and Allegations

The Partner manages all matters concerning complaints and allegations that the work performed by the firm fails to

comply with professional standards and applicable legal and regulatory requirements, and allegations of non-compliance

with the firm’s quality control system.

Complaints and allegations — particularly concerning failure to exercise a duty of care in relation to client work, or other

breach of professional or legal duties by staff toward each other or clients — are serious matter and/or seeking legal


advice. If there is any uncertainty, the Partner shall consult BE Reese and Co Registered Auditors and other

professional colleagues that may be appropriate at the time.

Any complaint received from a client or other third party will be responded to at the earliest practical moment, with an

acknowledgement that the matter is being attended to, and that a response will be forthcoming after it has been

appropriately investigated.

The Partner maintains a defined policy with accompanying procedures that details the procedures to be followed if a

complaint or allegation arises.

.

PETER CARLISLE t/a CARLISLE FINANCIAL SERVICES...2017/03/07 · Firms that Perform Audits and...

Documents

Transcript of PETER CARLISLE t/a CARLISLE FINANCIAL SERVICES...2017/03/07 · Firms that Perform Audits and...